I didn't see the correction come across the list. Anyone who read this article and didn't have alarms going off in their head should load up on coffee or coke zero before reading the morning/evening news. =)
Corrections: http://www.pcworld.com/businesscenter/article/149136/dns_attack_writer_a_victim_of_his_own_creation.html HD's response: http://metasploit.com/blog/ On Wed, 30 Jul 2008, Paul Ferguson wrote: : -----BEGIN PGP SIGNED MESSAGE----- : Hash: SHA1 : : Via PC World (IDG). : : [snip] : : HD Moore has been owned. : : That's hacker talk, meaning that Moore, the creator of the popular : Metasploit hacking toolkit has become the victim of a computer attack. : : It happened on Tuesday morning, when Moore's company, BreakingPoint had : some of its Internet traffic redirected to a fake Google page that was : being run by a scammer. According to Moore, the hacker was able to do this : by launching what's known as a cache poisoning attack on a DNS server on : AT&T's network that was serving the Austin, Texas area. One of : BreakingPoint's servers was forwarding DNS (Domain Name System) traffic to : the AT&T server, so when it was compromised, so was HD Moore's company. : : When Moore tried to visit Google.com, he was actually redirected to a fake : page that served up a Google page in one HTML frame along with three other : pages designed to automatically click on advertisements. : : [snip] : : More: : http://www.pcworld.com/article/149126/2008/07/.html : : - - ferg : : : -----BEGIN PGP SIGNATURE----- : Version: PGP Desktop 9.6.3 (Build 3017) : : wj8DBQFIj/Wrq1pz9mNUZTMRAmAhAJ9lT5hosH5xBOWOsTFArDsw1MGN1ACg+wQR : a12h7wcZ9hy0JN2DtHkuZGo= : =Wv/X : -----END PGP SIGNATURE----- : : -- : "Fergie", a.k.a. Paul Ferguson : Engineering Architecture for the Internet : fergdawg(at)netzero.net : ferg's tech blog: http://fergdawg.blogspot.com/ : : : _______________________________________________ : Fun and Misc security discussion for OT posts. : https://linuxbox.org/cgi-bin/mailman/listinfo/funsec : Note: funsec is a public and open mailing list. : _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
